I tried using the security rule as described in the 'experimental' section to reload published apps, but I can't get it to work. I published an app to the 'Everyone' stream and tried to make the api call but still receive the 403 forbidden response.
Thanks for your answer! Maybe I'm not expressing my intent completely clear. I want the app to be refreshed automatically when the user has uploaded new data. I intend to do this by making a call to the repository api when the upload has finished thus triggering the reload task. This is working well on unpublished apps but I get 403 forbidden repsonses on apps that are published.
I don't want to add an extension to my app.
I need help with writing a security rule that allows owner of apps to trigger reloads, no matter if the apps are published or not.